| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When adding support for OpenSSL 1.1.x it was missed that EVP_PKEY_get0_RSA
is only available with that version. Earlier versions don't provide a fully
equivalent function, so add it to the compatibility helpers.
Fixes: 542a50d4eb (scripts: imx-image: fix build with OpenSSL 1.1.x)
Signed-off-by: Lucas Stach <l.stach@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When an image is loaded to SRAM we can normally only load a part of the
full image, limited by the available space in SRAM. We currently load
the pblb image which is the executable part of the PBL without the
compressed barebox payload. We are going to link the compressed barebox
image into the pbl image though, so we can't see the desired load size
from outside the image anymore.
This adds a max_load_size option to set this size explicitly.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| | |
| |
| |
| | |
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The #if 0 or #if 1 is used to toggle features. Warn if #if 0 or #if 1
is present and suggest that they can be removed.
Based on 60f890105547f7a4 ("checkpatch: check for #if 0/#if 1")
Linux kernel commit.
Signed-off-by: Antony Pavlov <antonynpavlov@gmail.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Also add Joe's copyright.
Based on Linux kernel commit 882ea1d64eb3956
("scripts: use SPDX tag in get_maintainer and checkpatch").
Signed-off-by: Antony Pavlov <antonynpavlov@gmail.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Based on these Linux kernel commits
> 309c00c73f053a90 checkpatch: warn about memset with swapped arguments
> 554e165cf32610ec checkpatch: check for common memset parameter issues against statments
Signed-off-by: Antony Pavlov <antonynpavlov@gmail.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
| |
Based on commit 000d1cc1829f938c ("checkpatch.pl: add
ability to ignore various messages") from Linux kernel.
This simplifies current linux kernel checkpatch.pl commit
adoption for barebox due to conversion of
1-argument ERROR($1), WARN($1) and CHK($1) subs into
2-argument ERROR($1, $2), WARN($1, $2) and CHK($1, $2) subs.
Signed-off-by: Antony Pavlov <antonynpavlov@gmail.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The instruction being patched in was a branch to 0x24000, instead of
the intended 0x9000. This doesn't matter when starting the image from
a regular boot source, but breaks starting the image via bootm, as we
rely on the jump in the first header instruction taking us to the
actual code.
As the code offset changes depending on the presence of the signed
HDMI firmware, compute the offet dynamically while building the image.
Fixes: 6d2132a9ded7 (scripts: imx-image: Add i.MX8MQ support)
Signed-off-by: Lucas Stach <l.stach@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Linux commit 2ae89c7a82ea9d81a19b4fc2df23bef4b112f24e adapted for
barebox:
In file included from scripts/kconfig/zconf.tab.c:2485:
scripts/kconfig/confdata.c: In function ‘conf_write’:
scripts/kconfig/confdata.c:773:22: warning: ‘%s’ directive writing likely 7 or more bytes into a region of size between 1 and 4097 [-Wformat-overflow=]
sprintf(newname, "%s%s", dirname, basename);
^~
scripts/kconfig/confdata.c:773:19: note: assuming directive output of 7 bytes
sprintf(newname, "%s%s", dirname, basename);
^~~~~~
scripts/kconfig/confdata.c:773:2: note: ‘sprintf’ output 1 or more bytes (assuming 4104) into a destination of size 4097
sprintf(newname, "%s%s", dirname, basename);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
scripts/kconfig/confdata.c:776:23: warning: ‘.tmpconfig.’ directive writing 11 bytes into a region of size between 1 and 4097 [-Wformat-overflow=]
sprintf(tmpname, "%s.tmpconfig.%d", dirname, (int)getpid());
^~~~~~~~~~~
scripts/kconfig/confdata.c:776:3: note: ‘sprintf’ output between 13 and 4119 bytes into a destination of size 4097
sprintf(tmpname, "%s.tmpconfig.%d", dirname, (int)getpid());
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Increase the size of tmpname and newname to make GCC happy.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
out of for() loop
On older compilers this causes the following error:
| scripts/imx/imx-usb-loader.c: In function 'list_imx_device_types':
| scripts/imx/imx-usb-loader.c:252:2: error: 'for' loop initial declarations are only allowed in C99 mode
| for (int i = 0; i < ARRAY_SIZE(imx_ids); i++) {
| ^
| scripts/imx/imx-usb-loader.c:252:2: note: use option -std=c99 or -std=gnu99 to compile your code
Fixes: bcc2df673cdb ("scripts: imx-usb-loader: allow use of unknown USB IDs")
Reported-by: Niklas Reisser <Niklas.Reisser@de.bosch.com>
Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |\ |
|
| | |
| |
| |
| |
| | |
Signed-off-by: Aleksander Morgado <aleksander@aleksander.es>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Extend the bbremote script with operations to perform binary i2c
read/write operations.
E.g.:
barebox:/ i2c_read -b 0 -a 0x68 -r 0x06A0 -c 4 -w
0x8f 0x30 0x00 0x00
barebox:/ i2c_write -b 0 -a 0x68 -r 0x06A0 -w 0x87 0x30 0x00 0x00
barebox:/ i2c_read -b 0 -a 0x68 -r 0x06A0 -c 4 -w
0x87 0x30 0x00 0x00
barebox:/ i2c_write -b 0 -a 0x68 -r 0x06A0 -w 0x8f 0x30 0x00 0x00
barebox:/ i2c_read -b 0 -a 0x68 -r 0x06A0 -c 4 -w
0x8f 0x30 0x00 0x00
===================================================================
$ ./scripts/bbremote --port /dev/ttyUSB2 i2c-read 0x00 0x68 0x06A0 0x01 4
8f300000
$ ./scripts/bbremote --port /dev/ttyUSB2 i2c-write 0x00 0x68 0x06A0 0x01 "87300000"
4 bytes written
$ ./scripts/bbremote --port /dev/ttyUSB2 i2c-read 0x00 0x68 0x06A0 0x01 4
87300000
$ ./scripts/bbremote --port /dev/ttyUSB2 i2c-write 0x00 0x68 0x06A0 0x01 "8f300000"
4 bytes written
$ ./scripts/bbremote --port /dev/ttyUSB2 i2c-read 0x00 0x68 0x06A0 0x01 4
8f300000
Signed-off-by: Aleksander Morgado <aleksander@aleksander.es>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |/
|
|
|
|
|
|
|
|
| |
The commit b3baf2d86149 ("TODO: remove unused file") drops
the TODO file. Alas scripts/checkpatch.pl checks TODO file
presence in top_of_kernel_tree(). Without TODO checkpatch.pl
exits with 'Must be run from the top-level dir. of a kernel tree'.
Signed-off-by: Antony Pavlov <antonynpavlov@gmail.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Normally MXS SoCs only allow to boot images which have been
encrypted with a zero key. If the ENABLE_UNENCTRYPTED_BOOT fuse
is blown then the SoC also allows to boot unencrypted images.
Add an option to the mxsimage tool to generate such images.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Signed-off-by: Roland Hieber <r.hieber@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |\ \ |
|
| | |/
| |
| |
| |
| | |
Signed-off-by: Peter Mamonov <pmamonov@gmail.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |\ \ |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
.imxcfg configuration files support few more commands, all starting
with "hab_encrypt" string. That way it is possible to easily ignore
these commands, when image encryption was not requested. Hence, we can
use single .imxcfg file to generate signed and encrypted images in the
same build.
Images are encrypted in place by Freescale Code Signing Tool (cst),
using Data Encryption Key (DEK). This key needs to be encapsulated
by processor's hardware encryption engine to produce DEK blob, which
is unique for each device. DEK blob needs to be part of CSF area,
so we make enough space on the end of image to simply append it later,
e.g. during device flash procedure.
Introduced code was developed and tested on NXP i.MX6UL platform.
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
hab_blocks command is used to specify image authentication blocks for
HAB. Currently it was configured to authenticate full barebox
image. However in case of booting from SD card and adding MBR
partition table, HAB authentication fails, as final boot image is
modified.
Add an optional argument to hab_blocks command, to select between
3 types of authentication areas:
- full: whole barebox image will be authenticated (this is default to
keep compatibility),
- from-dcdofs: image area up to dcdofs is not authenticated, so any
changes up to dcdofs are possible,
- skip-mbr: image area from 440 to 512 bytes is excluded from beeing
authenticated, which allows to add / modify MBR partition table
after building barebox image.
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Older versions of "cst" want to read the CSF from STDIN, while newer versions
want to read the CSF from a file. Sadly, the "-i" option doesn't understand
"-i -" to read from STDIN, so we give it "/dev/stdin" instead.
Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When building HAB images for i.MX we have to specify some pathes to
the certificates. This can be done with Kconfig variables. For better
build system integration we also want to be able to specify the pathes
in environment variables. This currently doesn't work as we specify
the variables from the environment with the -D option to cpp, but also
include generated/autoconf.h which overwrites the variables with the
values from Kconfig.
To overcome this introduce a Kconfig switch that explcitly selects
whether we want to have the variables from Kconfig or the environment.
Also, only pass the variables from the environment when explicitly
wanted.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Now that users can select the device type on the command line, having a
name without whitespace makes input for that device type easier.
Signed-off-by: Roland Hieber <r.hieber@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Some vendors fuse their devices so that the IMX USB ROM loader
identifies itself with a different Vendor and Product ID on USB
enumeration. Currently, imx-usb-loader will refuse to detect and work
with such devices, so let's teach it.
Because we cannot easily detect the device type from the USB ID in this
case, introduce the new command line parameter -d <type> to specify the
device type to use on the device path specified with -p <path>, even if
the VID/PID pair of that device is unknown. The device name is sourced
from the "name" field of the imx_ids array of known devices at the top
of the file. Using "-d list" will print a list of known device types.
Using -d without -p will not do anything useful, except generate a
warning.
Signed-off-by: Roland Hieber <r.hieber@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
find_imx_dev() loops through all USB devices, tries to open them, and
then compares the chosen device path (given with -p on the command line)
to the path of the currently opened device. The device path can be
checked earlier, opening the device is not neccessary.
We fail early here because in the next commit we want to enable the user
to force using a device by specifying its path. Opening every single
device available on the system then leads to unnecessary error messages
for all devices that do not match the provided path.
Signed-off-by: Roland Hieber <r.hieber@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Make its purpose more clear when we introduce other similar functions
in one of the next commits.
Signed-off-by: Roland Hieber <r.hieber@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Boot header on i.MX8MQ SoC allows embedding signed HDMI firmware
images that are used by mask ROM code during the very early stages of
boot. Since providing that firmware appear to be necessary to enable
SoC's HDMI/DP functionality extend imx-image tool to support this
feature. To do that add code implementing "signed_hdmi_firmware"
keyword, which allows users to specify a path to a binary blob
containing all of the necessary headers and footers as well firmware
data and code sections (this is how such images are provieded by NXP)
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |/
|
|
|
| |
Signed-off-by: Aleksander Morgado <aleksander@aleksander.es>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Add the switch 's' to fixup the image size into the barebox header.
This is used by the Arria10 PBL code to know the complete image size.
Signed-off-by: Steffen Trumtrar <s.trumtrar@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |\ \ |
|
| | |/
| |
| |
| |
| |
| |
| |
| | |
Move i.MX header definitions from scripts to mach-imx in order to make
it available to both script and bootloader code.
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
compilation of fdtget was lost during the update to version 1.4.6.
We need this tool internally for the build process when imd support
is enabled.
Apparently our dtc code comes from the Kernel which doesn't have the
upstream version of fdtget.c and it doesn't compile. This patch
changes fdtget.c to the upstream version as of 1.4.6. This isn't
noticed in the Kernel because fdtget isn't compiled there.
Fixes: 8a8982541 scripts/dtc: Update to upstream version 1.4.6
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
|
|
|
|
|
|
|
|
|
| |
OpenSSL 1.1.x made some of the types opaque, so peeking inside directly
doesn't work anymore. Use the correct accessors instead.
I've dropped the algorithm check, as EVP_PKEY_get0_RSA() already verifies
that the pubkey is RSA and returns NULL if it isn't.
Signed-off-by: Lucas Stach <l.stach@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |\ |
|
| | |
| |
| |
| |
| | |
Signed-off-by: Uwe Kleine-König <u.kleine-koenig@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |\ \ |
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| | | |
| | |
| | |
| | |
| | | |
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| | |/
| |
| |
| |
| |
| |
| |
| | |
Use a loop to create multiple header copies on i.MX35 to avoid code
duplication.
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |/
|
|
|
|
| |
Disable the dtc warnings that are disabled in the kernel aswell.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Since kwboot checks the contents of the file to send it only works for
v1 images (or with -f). Extend the check to know about v0 images, too.
Fixes: 39ebd7e73bec ("kwboot: do a filetype check before sending the image")
Signed-off-by: Uwe Kleine-König <u.kleine-koenig@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |\ \ |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This allows to enable host tools even if they are not needed for the
current configuration to improve compile coverage and simplify packaging
these tools. The conversion doesn't cover all tools available but can be
extended later.
Signed-off-by: Uwe Kleine-König <u.kleine-koenig@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Compiling omap3-usb-loader issues the warning:
warning: self-comparison always evaluates to true [-Wtautological-compare]
Just remove the bogus test.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
